(2023-08-22) Old chips, new perspectives
----------------------------------------
I hope you have noticed that a new document has appeared in the "LuxDocs"
section of my server. It's titled "MAUI knowledge base (MT6261 edition)".
That's quite an ambitious title, but this document really contains
everything I have learned throughout my MT6261-related journey since 2015.
Unfortunately, I had to omit plenty of things that only apply to phones
manufactured before 2018, as the manufacturers have dumbed them down even
further as of now.

In general, I'm not satisfied with the progress of my research on both
SC6531E and MT6261(D/M). But for SC6531E I already can at least read and
write full flash contents. For MT6261 though, I can only read. There is no
information on how to write it correctly: neither with DA nor via the SPI
interface the chipset exposes. Regarding SPI, I tried implementing some
interface according to the Fernly source code, but no success so far with
running anything through it (at least for the standard 0x06, 0x02 and 0x03
commands and so on). Most probably I'm missing something, but I don't have
any source of information as to what exactly. In fact, I have been on the
verge of starting disassembling/decompiling the working DAs I have at hand,
because for SC6531 there are at least some FDL source codes floating around,
but not for MT6261. But it looks like there is a giant archive with some
MT6261-related source code leaks sitting on MEGA, so I'm going to study that
abomination first. By the way, a huge shoutout to Megous for writing
megatools CLI downloader. This was the only way I could download all these
huge .rars on my Arch. And yes, RAR must die.

On the other hand, buying this new Sigma 31 Power Type-C edition has given me
some additional motivation to resume this research, as well as to compile
this KB document. Especially about MAUI WAP Browser which the Sigma Mobile
brand owners said it was never there until I publicly pointed their noses at
it. Guys, if you want to hide the Web/WAP browser functionality in your
phone, at least don't leave it available in the shortcut/fast access key
configuration. They even left a "screenshot" in their own support page
explaining how to configure fast access keys, and this picture contains the
"Internet service" item! And if that's not enough, one can also enter the
browser via opening .url files. That's not your usual Faildows-originated
[InternetShortcut] INIs but a format called vBookmark which I also described
in my document.

Given how old the MT626x platform itself really is, I'm not sure why MediaTek
still is so greedy about it and doesn't release full specifications and
flashing protocols to the public, only in the form of DA blobs and obscure
Faildows-only tools. Yes, I know, there is a Linux version of SP Flash Tool
that recently started working in different distros other than Ubuntu... if
you supply the correct LD_LIBRARY_PATH, that is, but you need to find a
correct DA multi-binary, have the correct scatter file and run all this on
an x86 machine. Why? Because no libflashtool.so source code for ya, that's
why! Hadn't it been for this stupid policy, I'd rather work with MT6261 than
with SC6531E as the potential candidate target for FOSS feature phone
firmware, as the hardware itself is generally much more reliable and
energy-efficient than Spreadtrum/Unisoc.

Raw flash access to the devices you buy with your own money must be a
universal right, not a privilege.

--- Luxferre ---

You are viewing proxied material from hoi.st. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.